How to set up SSO with OKTA

Learn how you can set up SSO with OKTA.

Written by Tamás Párványik
Updated over a week ago

Who can set up SSO with OKTA

Any user can access domain control settings on StoriesOnBoard. However, you need to log in to OKTA as an Admin user to be able to set up the Application.

How to set up SSO with OKTA

Step 1 - Claim a new domain on StoriesOnBoard

  1. Log in to your StoriesOnBoard workspace

  2. Navigate to "Advanced settings"

  3. Select "Domain control"

  4. Proceed with "Claim a new domain" option

  5. Fill out the domain details, including:

    1. Company name

    2. Domain name

    3. Set Verification method to "Ownership validator file upload"

  6. Select "Save"

  7. Then "Verify" the domain you created

⚠️ IMPORTANT ⚠️
Please note that after a successful verification on your end, our team will also need to approve your domain manually. Please wait for our approval. Once it is approved, you can proceed with the setup.

Step 2 - Configure your domain on StoriesOnBoard

  1. After verification proceed with "Configure"

  2. Select the "SSO settings" tab

  3. "Enable SAML 2.0 Single Sign On"

  4. Select "SP MetaData" tab

    1. You will need to use this data in the OKTA settings (Step 3) in steps 8-9-10-11-12.

Step 3 - OKTA settings

  1. Log in to OKTA as an Admin

  2. Go to "Applications"

  3. Select "Create app integration"

  4. Choose "SAML 2.0"

  5. Proceed with "Next"

  6. Enter "App name"

  7. Then "Next"

  8. Enter sign-on URL = Login URL (ACS) in StoriesOnBoard

  9. Enter Audience URI (SP Entity ID) = Entity ID in StoriesOnBoard

  10. Leave the Default RelayState empty

  11. Select Name ID format from the list = EmailAddress

  12. Select Application Username from the list = Okta username

  13. Set up Attribute Statements as follows:

    1. FirstName - Unspecified with the value of "user.FirstName"

    2. LastName - Unspecified with the value of "user.LastName"

  14. Proceed with "Next"

  15. Select the "I am an Okta customer adding an internal app" option

  16. Then click on "Finish"

  17. Scroll down on the page to "SAML Signing Certificates"

  18. Select "Actions"

  19. Proceed with "View IdP metadata"

    1. A new window will open, from which you will need to copy the metadata

Step 4 - Final configuration in StoriesOnBoard

  1. Select the "SSO settings" tab

  2. Enter First name attribute = FirstName

  3. Enter Last name attribute = LastName

  4. Copy the metadata from OKTA into the "Identity Provider MetaData" section

  5. Then click on "Save"

Step-by-step guide to set up SSO with OKTA

Step 1 - Claim a new domain on StoriesOnBoard

Log in to StoriesOnBoard and open "Advanced settings", then select "Domain control".

First you must claim a new domain.

Enter your Company Name, Domain Name and select Verification Method as "Ownership validator file upload".


To make sure that you will be able to take advantage of the setup, you need to "Verify" your domain.

⚠️ IMPORTANT ⚠️
Please note that after a successful verification on your end, our team will also need to approve your domain manually. Please wait for our approval. Once it is approved, you can proceed with the setup.



Step 2 - Configure your domain on StoriesOnBoard

After the verification process, your domain must be configured as follows.


In the "Configure Domain" settings select the "SSO Settings" and then "Enable SAML 2.0 Single Sign On".


Then select the "SP MetaData" tab. The information highlighted in blue will be relevant when you are setting up your Application in OKTA.


Step 3 - OKTA settings

Log in to OKTA as an Admin, then select the "Applications" tab. Then proceed with "Create App Integration" as below.

Choose "SAML 2.0" and then select "Next".


Enter your App name and hit "Next".


In this step you need to access StoriesOnBoard and look at the information on the "SP MetaData" tab. Copy and paste the data as displayed below and then proceed with "Next".


Choose the "I'm an Okta customer adding an internal app" option, then select "Finish".

Scroll down to "SAML Signing Certificates" and select "Actions", then "View IdP metadata". This will open your metadata in a new window, and you need to copy it into StoriesOnBoard.


Step 4 - Final configuration in StoriesOnBoard

Now that you have copied the metadata, go back to StoriesOnBoard and select the "SSO Settings" tab once again.

Enter the First name attribute: FirstName
Enter the Last name attribute: LastName

Then simply paste your metadata into the "Identity Provider MetaData" field. Then save it and you are all set.

